last executing test programs:

1m12.437338187s ago: executing program 4 (id=153):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
semget$private(0x0, 0x4, 0x29b)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrlimit(0x5, &(0x7f0000000240))
pselect6(0x0, 0x0, 0x0, &(0x7f0000000180)={0x1f, 0x3, 0x0, 0x0, 0x8000, 0x0, 0xfffffffffffffffe, 0x527}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1a}, 0x1c)
bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfd, 0x808b9027}, 0xc)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000bc0)="2f10a3", 0x3}], 0x1, 0x0, 0x0, 0x2c}, 0x40108c4)

1m10.242626221s ago: executing program 4 (id=156):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r6, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

1m4.486552355s ago: executing program 4 (id=164):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = msgget$private(0x0, 0x3ddcdb2b3700acee)
msgctl$IPC_INFO(r5, 0x3, &(0x7f00000000c0)=""/87)
connect$pppl2tp(r3, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x32)
splice(0xffffffffffffffff, &(0x7f0000000040)=0x1, r2, &(0x7f0000000080)=0x8, 0x0, 0x1)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000380)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21, @remote}, 0x4, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r6, 0x80047453, 0xfffffffffffffffe)

1m2.642616746s ago: executing program 4 (id=167):
socket$igmp6(0xa, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000480)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143b42, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008f}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0xc0008, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f00000000c0)={0xb, 0x459}, 0xc)
write$input_event(r0, &(0x7f0000000100)={{0x0, 0x2710}, 0x16, 0xffff, 0x3d84}, 0x18)
open(&(0x7f0000000080)='./file1\x00', 0x4000, 0x32)
syz_emit_ethernet(0x0, 0x0, 0x0)

58.907182171s ago: executing program 4 (id=172):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x12d, &(0x7f0000000200)="$eJzs2r9Kw1AUBvCjCEIfwamQgHXIf62DuyA4+QSG9t704o23JIK0U/EFFIfrI7i6iW4+QmafQN/AKZI2sTZ316Hfb7kfOZeTZDnTcTKVBjx3iPZm92cfm5lKu/3ocMADHtPCCRF1q1CU5YNLhvOfelHOXOOC9VqfvUSfvnAhWWj2AAAAAAAAAAAAAAAAAAAAAABYE9ZnHTojrR65kCz4Vc0n04tYSpblzROb6h0d4lodVfejlX69LyJ7vr8j9PFNVfdX6nbTaXek1Ub7fd5VOvbyydQRaZywhF2GYdT3933/IPTmvbx2R/uu/iYqyuexuU9kPy33id59c5+IOotja0fo2+t29+X/IyAgIDShPT9ouB1Zb9X8cAdKDv9wfhgTDeCffAcAAP//NHw5bA==")

56.083819353s ago: executing program 4 (id=178):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11fa, &(0x7f0000003100)="$eJzs3M+LG2UYB/DH3a6tW/eHWqvtpS960cvQ3YMXBVlkC9KA0jZCKwhTd1ZDxiRkQiAiRk9e/TvEozdBvHnai3+Dt7147EEcMbE/dlkPpdKp4fO55CHv+yXPS0LgHeadw7e+/ay7X2X7+SiWnno7lgYR6U6KFEtx11fx+pu/LMf1m7eu7rRau9dSurJzY+uNlNL6pZ8+/OL7V34enf3gh/UfT8fB5keHv2//dnD+4MLhnzc+7VSpU6Vef5TydLvfH+W3yyLtdapultL7ZZFXRer0qmJ4ZHy/7A8Gk5T39tZWB8OiqlLem6RuMUmjfhoNJyn/JO/0UpZlaW01eBTt7+7UdR1R1yvxdNR1XT8Tq3E2no21WI+N2Izn4vl4Ic7Fi3E+XoqX48JsVtN9AwAAAAAAAAAAAAAAAAAAwGJ5pPP/lxpuHgAAAAAAAAAAAAAAAAAAABbE9Zu3ru60WrvXUjoTUX4zbo/b89f5+M5+dKKMIi7HRvwRs9P/c/P6yrut3ctpZjO+Lqf/5Kfj9vLR/NbscQIn5rfm+XQvvxLTcft0rD6Y346NOHdyfvt4fvb5Z+K1Vx/IZ7ERv34c/ShjL/7O3s9/uZXSO++1juUvzuYBAADAIsjSPSfu37Ps38bn+Ye4PnBsf30qLp5qdu1EVJPPu3lZFsPGi7sdzd+ZRsQT0tgCFytPRhv/bbF85IfUfD//06K5/yQen/tfetOdAAAAAAAAAAAA8DAex+2ETa8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLHTgWAAAAABDmb51GxwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfBQAA//8aBcwX")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=0x1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000001c0)={0xf030000, 0x1, 0x7, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980909, 0x10000000, '\x00', @p_u32=0x0}})
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='ip6_vti0\x00', 0x10)

40.993283376s ago: executing program 32 (id=178):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11fa, &(0x7f0000003100)="$eJzs3M+LG2UYB/DH3a6tW/eHWqvtpS960cvQ3YMXBVlkC9KA0jZCKwhTd1ZDxiRkQiAiRk9e/TvEozdBvHnai3+Dt7147EEcMbE/dlkPpdKp4fO55CHv+yXPS0LgHeadw7e+/ay7X2X7+SiWnno7lgYR6U6KFEtx11fx+pu/LMf1m7eu7rRau9dSurJzY+uNlNL6pZ8+/OL7V34enf3gh/UfT8fB5keHv2//dnD+4MLhnzc+7VSpU6Vef5TydLvfH+W3yyLtdapultL7ZZFXRer0qmJ4ZHy/7A8Gk5T39tZWB8OiqlLem6RuMUmjfhoNJyn/JO/0UpZlaW01eBTt7+7UdR1R1yvxdNR1XT8Tq3E2no21WI+N2Izn4vl4Ic7Fi3E+XoqX48JsVtN9AwAAAAAAAAAAAAAAAAAAwGJ5pPP/lxpuHgAAAAAAAAAAAAAAAAAAABbE9Zu3ru60WrvXUjoTUX4zbo/b89f5+M5+dKKMIi7HRvwRs9P/c/P6yrut3ctpZjO+Lqf/5Kfj9vLR/NbscQIn5rfm+XQvvxLTcft0rD6Y346NOHdyfvt4fvb5Z+K1Vx/IZ7ERv34c/ShjL/7O3s9/uZXSO++1juUvzuYBAADAIsjSPSfu37Ps38bn+Ye4PnBsf30qLp5qdu1EVJPPu3lZFsPGi7sdzd+ZRsQT0tgCFytPRhv/bbF85IfUfD//06K5/yQen/tfetOdAAAAAAAAAAAA8DAex+2ETa8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLHTgWAAAAABDmb51GxwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfBQAA//8aBcwX")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=0x1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000001c0)={0xf030000, 0x1, 0x7, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980909, 0x10000000, '\x00', @p_u32=0x0}})
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='ip6_vti0\x00', 0x10)

32.781474546s ago: executing program 3 (id=216):
socket$key(0xf, 0x3, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x0, 0xa, 0x0, 0x3}, 0x1, 0x1, 0x80000001, 0xb, 0x2, 0x1c, 0x14, 0xa, 0x5, 0x7f, {0xc609, 0x5, 0x80, 0x5, 0x6, 0xf}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2}, 0x0)

27.370581666s ago: executing program 1 (id=224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_CONNINFO(r3, 0x11, 0x2, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r4, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)
pipe(0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xaf5, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

27.11750184s ago: executing program 3 (id=225):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0)

26.941834088s ago: executing program 3 (id=226):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8000}, 0x8)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80a501, 0x0)
close(r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x64}}, 0x0)
close(r4)
setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0xfffffffffffffffd, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x3a, 0x703, 0x270bd24, 0x25dfdbf8, {0xd}}, 0x14}}, 0x4008800)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000001080)=ANY=[@ANYBLOB="3a1e000000000000c20400000a4d0108000000000000000007100000000102dd42ffffffffffffffffffc910ff010000000000000000000000000001019a1cdf0227e8344a9e03b7f4161e9b0570ea36ecc3b63ff76d6fe14e11e3ba1c7d2b3ce5ceb4439f97909c8fd6b451a72d27d7315fb2d53a943f182e39045527c1fbce031e51d152226150f3b58e641c1e8161c55ced11ace1531472bef6d03a70a409f944013d020357068fd47c68e8cd8df0aca6857201aa4d39f108dd775f0ef9c892f1b4f7641fecba595d3feecebb1c5d03a633082c2aff330718000000000401040002000000000000000200000000000000c20400000005"], 0xf8)
getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9)

25.32279217s ago: executing program 1 (id=229):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000540)={0x10000, <r1=>r0, 'id0\x00'})
write$UHID_INPUT(r1, &(0x7f0000000b40)={0x8, {"21f0ec48b9808fc98e47f8723f0542b90fd38b6521221549d0e58e0dd0fdb7014997f9b644264f6a01a8ddf38accb4f0d4bc894d0844c0578ed82216a458fc1bbbe30406f2dab4fcf3394c52c554e619052cb258a540a2ea82f808a2e7eb93c4aa73c239ed5f72e6cca343125a0e9cd2ecc76a8332d950f856c19001994c32f35c463de86f6a417c9213b7e16fb45c8754bb39fe9776e46d156474cbb67d279c952efc906fe378522dcbb6918e453ae2c36a84caa62e43a1f3e9b552aacbd06abefa5d3a552521878f5383ebce838acdb8fe61c93ff4f393008209a2cbb015862dcf81faa5c75789ebb0324e643f0cb0ceaab3c51580162bb71a3adb8652ee5394c66e619aac62b26cdb901e28ad235caf4c7d60857f4f3f4c6e5aec8f19219ad8503f5554150aaed48970a575cd9488c270b87fc607f2613ea74b2566086b090f99595577d8b7789b8df14a769c0b206e403fc744f5cdb99b5d21cb17dca66c3a79ba2c622d027f486e31e38c82e3ced74fc536cbb06a8ec1467996bf3248462f4668b0c4aed7a5629360c21a540311ca6a3b37976fb50e5f013452e37fa865767be2301c11a267391012230d026ae13554bf3abb3e3eefd124163abb086ba865c673cd21226e447d358a7ecb6f2f934b08b5efe8e9824c53db78f71b92e7a9df00acedfb5b55571bbd61df91f555b62f381946578276d9dde641a7c5bc94584fb822263bd513416b803c69cdfbbf9b025265bf179fc2a97ee0ef0caa8a5d714aa5efd225e9fc68b95d38f09d4f7cc6956ca6bbf9eefc941caa1c2f92a8546f9a9cda7deb26692b600398378cc5ef9bb92f640aeb1345bc6ec8b1d2338e7a2d115a89f848d3bf5b0093d060d15a96b63fc6dfdc4f7876d264d67c01e143832c66d0050a5d1a1b6c379f3a046373221d03b99370f58506657d85a9051b1670bef5ce712d124b6ca947ab53f9a7c998ad9128d38771befb256041b3f90ea1c61555f88dad992e250b931536704957da586fd04aa6a7711bc5050e3624cafe628bd988f1255a2965155f0bbde7ac781a3c6419fe4364e0c96bbc8f88185cb991eae42bc98929d0d4a4a59477cfecff9f58c2d383c9547f76062a20d2e6359d667e955f8cbae5392751fd02ccbe8f3557156fab6e2ec6187dfceac2ff03a0b2d5a99517674b835077e7444ff9816e9f5823194e61f0fd025121469bde1f897b1884612790feb74ec6b297ffe7da8056eb297a8ebb0e7898130bca5a7f6079f3f46e067e1b33f159264b5cd57cf1cf75cc469d1e50cb114f7c591382c4a00dcf7c32b75c0e0a49acfda1f36fcf20a12737deff3496b523df04070769776bd64e35d3274c5436b4733d44939125407bf26f9e641a2e595e04bce6510dabf5a3929d099ed7800e547e177d5866d05178ce102df615c088951038c516935ea06654dd90b746491a540747037cceb2951ac79ac73fa46684c868c0a6c8bbce32d757a7051f36a0a4ebc3c3f43bb59e9e556431b1864b4f74a467857a2d75fae75077de37151c996a8a1b7098b94ca190f9f56905e2af5ebecefa2a55ce86f6be3e03f7a8db3b749dc51043bca18204ac1a48171bd6c7e7a89e7af74592870b9264ddc835cf6960e0f87400cc68024b1db0f6b98adbad3a1522edee43f579040e9923e467e2779b3cf27b7bdd5dacb95166fc6a35611b67f91e8e686c6aa54203ae1c544838882cde89e23b059bd7c949c56d0475990728a4af2b46a21a10920683ff1ed56f6a248b747971f4868b110f69c5afa1c2314876935ae49402026beb68e88c05fc6742d2d301b980716a8d056aff026fb88bcebad9502ca7452fc8c136e1ddf0bfcd51ffb2ed7454bcff2c178ab2b017d569dc48160688c90272d9699cb8f00b397770aa9e097de585ea5da65f6ab34250145ffd4a53862d284264fe4a8ae04d30ab38878fa39ed0e94555e3bede5bba7b5f05c91c3c176edd7468394980c6ac7b6282cce1c5cbf4475f459bc7bcf237e03e9727f87571eb8f6806ebd0869f4ea142f9be6599d53293effa73adf246feb54467993f439cc1783bcb43cc7f81cc5df21a1e48e541006b517fc25a9a45ced7f397a5769ced05601b38423cb9db0af3b53a19fed676a2789601627c5045bcf4bf3636dbf1d285764a2c1edee5f867fdd13c912291fcd804d2230d12a0c78c3a921c65b2d808c1e9e8d564539fd229bb0dc2832d1794c0396a6f43b3a67f420aee26af046fd4c56168f5cfa928bc4eee567730c62e84e130d3c45137ade5e620faff05bbd6ce9479e48bc4fb3dfa6b89992fb405925602fbdad77ec5e5521ff1963000f04f49668bb7782d3b66e37af01c04f08ce03053237c12be9e7b314df8cbd726346740f96a41479613a5f408547aa82243680e2b3731f9ffe1398b82fd0001c7b890eea3b889ad3976a59a223a29e12daa83003e437ce7e58ce39a5794459bb8983f2ad48777e3e4a022cf153838d48f1977695608ab38e838f543b7b82eca5d07ec1a6c1b7ca59b8561b7283390fc28b156ce2f31309c921b481b5a8365ca5b208bfd667d46d5d22967e900146671a548eddda498b2319bd157146b30e4b171ae73baaed0cc71f342d27ceeac2f7a9a2975635a5173775e9559c97e8036cc0b8babc386e49cbe2d3ac4b3e14d63cdd30675563fff06e9f5c4fdacb3f657540805323a9c32c49c0e5fa2d512ec4396e3ee64a40666b8cf02dfeb7db8e4cc641bf615aa33c6fce6af768e866bc468757630b14dc6e3c7e8a601c7e8441cb478f275c995366d9b2f4389c286bb2e3688906a5760d8e90e6d6c17d26016813ff3fe69c2f1deb2acb63166529016ba16117c7e64347133cc12aba1935ab053d05fcc058b62f8be0e97086ed844e5fab1ec2ff6dc1fad5b16f0528ecc606c6c9b293b6c4e18466bfc7469119c15794c9d831240618b69b7fc082f6c6f36c0f3ab0be84236f33ebfd1f56e54ad6208216bfeaf4724163245d22eee44888e70aee265558bfbfadaa57e9255448dc1c74fbdc7ee9c8783c75907a9d1cd0250ed746ac97fac0f364028d46b3c94962767c0b8db812099f27306a20750b5dfe4df0013f29a53c32a066e5b87792a9b396b0f5cfd2a497bf6da068b4e1d5d5b75a666c46e314dfe46c6aa6e8be3e4fb3272de4b687d85cccc9111451af528dce178525f3778e0b4beec8f623ba8d2fa4d5032853080de9a15145ac56a54ac979f88e1913c46e4be5d9eb37a632650959bae2afbf2a23514b6992ab70d7942f95b42e5fb78a5c0e580d837084f66f829ee9a964ec8d3be6d8d5cc353e2004cacf4a9bee7561c526b3512e09be1a8513b846ef8c83b2560ab8cfbe9f7b92e6398641a37ebc8059c619032afeb6eb44ffbb1c200aa0a17ac5a2b2c0b4111ad9e5fe7442c1a18e77a9aed000d2ed9d339b6026554e60f116c8ab4cff25a703c94a902584c722a89f5da48c33f78964a2231ce910f7aae1c10b71d7b79e5b91dd3f41ab9a2db6788d60c01da76c5b889e2103dc20a339875a6a33e45cd93634fe190af29ca32546dafbf68fe55ae547a98fdeecebbe84225dd84ba24a45f641b934fb3311d96a1279588cedb114075e1e3320364f157086cf8318441669b2164ed39dab762a2ee686ccb4a243559fb973bc8b589786e8be3fd20bd69e6a4746739583f70da8a4c3295af4b40087a854853ddc2aec0d064d58087dc68dff347823bacebd73f579440b0c2a44b0981002806a77e5ecb241bbfe2bb0feb489f3efc81af681d5e29e67766c4a0972980ab234ab4d934e2af2d59490503a5fd165e45436f77f61160ce52475fc873a0e8c8c4eaf6b223c44a2172ae0c0d8e966e66dad3b1a27c7374d039170b92c3fa0b3afdaa94bb6a7669ca040f5ad45be22097868b33feb22dd3b24485dce3661a38d0f8e608f86fe2a5b47507a2326fa15dfe095a7dddefe2ae8396e8078a287f2cd88fb7ccbac28d1bc1eaa28c63d4675f5ed33c58d969295f88556b3ef82eaff27f05601fabb803cb207335395d5c69504f23731d4107e8afe66c98bb0c4dcb224c466186a971f60a0a2bccabc4a50573cf31e0f366a440fc164993dd2590e342199718d75a15d331faca54675cce0316fa422261ea645a44cadba5639346f498053626704afe6c26fda4e4f32164eb0b80f8cf3e5d971c38cb7fc47e18e341dfbfb081c7de6fbe4c852efdd35bb26b59162b5d4e11e90f8d50bed43f3ebc790423b6d58474a2277e8c7c9343389e050bb9d85d92d8e7848f51449efd5be18abbf4d03d8d9852983de41fce39abd6c18a7564a1e96044e10c2eaa504f6572e837a7213b280eec6a90ca944d0683040e3849ac84d2865d9df5a397f7a467da9a1fe840e37a1be39dc1d42ff9aa83c5c2134260950f4875eb5839cf329e38b20abecbe72062ecfcf02bd5c4f152dfb1ad303edf9615b8c7079731a0b49a87d6e67b54b264e45757fb48690f7b181e8c2c04a706d1f28fbdb8c19a67959f8b9228feae350bd8eb62d2e628c7fc63cc7aea69ff3f8f65e02488b95893542f3329de7054d3d592ec1d68800e4c06a1e7f7d68861fb5c6c9f1dc7528d36f1a21f64336b821cd3dbaddd0d2a4c3379e32b875bb701a4663ea2d2cc0df5f24134db611eb02e048c36c7ba97b2e99a4aa1a258f8e8013740b483a9b2678f2b7e97ac4bbe894f5f5b530d258f037fdcb65ddefce14e117bd3dda482613acae29fdfc97d104936f4403f3cfdc768f9b3f1cbff49fa32a67473e12d48b64f06590bdd119dfd920b28698e7e2a1aa0cd4072650ed91009c82565fe51ceaa73c1becc7c7b5fdd86c0f6ac51d745e2c882d32d176fee36454e910b3e4e81b7849dd54d7347ce7eab0a07267cab9289d834cfa0f2fbf5e2782221524cdfd412b952c08209b1989d37b061c538d6d62e93e5253e18d5399dada135c63c362d1a7fcaa22a2c32ca3af01f79d2b782724ec21de29e4e71237b2eaea47ebd3f0822d705f2960d2a1f1f61ed2714b03c0ff9cab1dae56298c66d9fa8fd42eacee3f36232ae196285e337b79982fe1e2341f537968dffd94917a5d4b5acae6c3d1cb2e0c1531bf41957000405e7ff4780cb00eeb75d26d87ece88c92293871826c18c18ac98b04cad8905ee03e3010c34c6859b6ed492b7b3d22873f7ad12cad26037494b1d90d8d8f611b82a034d73eabb5e74080fc54f808a97273244c832ae753a8660797794f10a0e1e85320c2621eb428bb3967fd1380ae2c00ca0166ef196ebc2a8676dd8a506b4ae6042843f49d0ffe87d441362ba5ec8db1646767d00de6e5f3499bfc6efbbb4f16006191e933275848e45ba48b85ecfe1f7f16c61753b34e829b2812ae09a212963ba7c6a2012ee4a9f0156638714891fa07d8cf5d4c5c8525d0509198c7736c1727d902f08376401af385000595c6c99b2f6ef9e3bea94836e88301e3e7d8328f188885c494b46ff133b37467c750e01a86b25a21a4dd8f6e0f89201399c7eb6ceafca4ed3bd7375b3f63953a5a6720725439784b5e62e15c6ed6c3f03725b77d252011fef6264b625017b6ed4b9452233fde1f2f54cf52856a7ee8fcd91d3ce1b7383052f75de3439514576deec3cb493f914396fd83a48e5be74906f369deee9752e95990c37b8031bcd7cb2b60f7cd3c541d50df344c1a649c08fc198e589d1c3974ec3e2a7f03261b12eb4250103836b44689f4bb61359dcb80217370ad9e91d6d17f4fe1468b8c9a57d1fc312444bb6075c3e32cb410a210a07fb244b398166b663cc03", 0x1000}}, 0x1006)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="160000000000000004000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r5, 0x3309)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r6, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0xc04}}, 0x11c)

23.374249934s ago: executing program 3 (id=232):
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getpeername$qrtr(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000500)=0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(0xffffffffffffffff, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r4})
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r5 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

23.200319805s ago: executing program 1 (id=234):
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
r1 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x288, 0x0, 0xa, 0x148, 0xd0, 0x10, 0x1f0, 0x2a8, 0x2a8, 0x1f0, 0x2a8, 0x3, 0x0, {[{{@ip={@loopback, @multicast1, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x70, 0xd0, 0x0, {0x200003ae, 0x7f00}}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote, 0x7, 0x70, [0x13, 0x2a84, 0x26, 0x7, 0x2, 0x13, 0x7, 0x31, 0x10, 0x32, 0x2b, 0x3c, 0xc, 0x23, 0x801e, 0x32], 0x2, 0x80000001, 0x6}}}, {{@ip={@private=0xa010102, @dev={0xac, 0x14, 0x14, 0xf}, 0x0, 0x0, 'veth1_to_team\x00', 'ip6erspan0\x00', {}, {0xff}, 0x29, 0x3}, 0x0, 0xc0, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x5}}, @inet=@rpfilter={{0x28}, {0xb}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @empty, 0x80, 0x2, [0x26, 0x11, 0x3, 0x3ff, 0x3e, 0xd, 0x14, 0x30, 0x8, 0x40, 0x1039, 0xf, 0x4, 0x20, 0x16, 0x32], 0x2, 0x8, 0xffffffffffffff00}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x2e8)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
init_module(0x0, 0x78, 0x0)
io_uring_enter(r1, 0x7876, 0x2b1c, 0x44, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)

20.692431378s ago: executing program 3 (id=236):
syz_open_dev$hiddev(&(0x7f0000000040), 0x9, 0x200100)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x0, 0x0, 'sh\x00', 0x1e, 0x80}, 0x2c)
socket(0x2, 0x80805, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0x1d, r5, 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x5c, r4, 0xe17, 0x0, 0x0, {0x1, 0x0, 0x6000}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @local={0xfe, 0xfc}}]}, 0x5c}}, 0x0)

20.419096186s ago: executing program 1 (id=237):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000000d0a010800000000000000000a0000010900020073797a310f1d00000900010073797a31000000001c"], 0x48}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0), 0x200840d, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB])
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read$dsp(r1, &(0x7f00000001c0)=""/95, 0x5f)

19.654577367s ago: executing program 3 (id=238):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r6, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

18.253073518s ago: executing program 1 (id=241):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r5, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)

17.186980521s ago: executing program 1 (id=243):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x2000c000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x4, &(0x7f0000000440)=ANY=[], 0x0, 0x6, 0x21, &(0x7f0000000200)=""/33, 0x41100, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff], 0xffffffffffffffff, 0x10, 0x2}, 0x94)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
recvmmsg(r3, 0x0, 0x0, 0x40010000, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
unshare(0x40000080)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
setitimer(0x2, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

9.467527416s ago: executing program 2 (id=252):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fstat(0xffffffffffffffff, 0x0)
getgid()
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r4, 0x40084146, 0x0)
setregid(0xee00, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, &(0x7f0000000040)={0x0, @aes256, 0x0, @desc4})

8.127070901s ago: executing program 2 (id=253):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r0, 0x0, 0x36}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fanotify_mark(0xffffffffffffffff, 0x1, 0x40001039, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x4}]}}}]}]}], {0x14}}, 0x60}}, 0x4048010)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setresuid(0x0, 0xee00, 0xffffffffffffffff)
r4 = io_uring_setup(0xab0, &(0x7f0000000080)={0x0, 0xffffeff7, 0x800, 0x7, 0x2})
setrlimit(0x40000000000008, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

5.533559347s ago: executing program 0 (id=255):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000180)='./bus\x00', 0x200000, &(0x7f0000000140)=ANY=[], 0xfb, 0x2b0, &(0x7f0000000540)="$eJzs3E1rE10UwPHTtOlLSpssHh5QEA+60c3Qxk8QpAUxoNRGtAvh1k40ZExKJkYiYrtz6+coLt0J1i9QEHfuxU0RBDddSEc6L3Zaom1j22mb/w/C3My9Z+6dyUw4MzB3/d7rJ9Wya5VNU1LDKimRZdkQyW2VQn3hMuWXByVuWa6O/vh84c79uZuFYnFqRnW6MHstr6rjF98/e/Hm0ofm6N234++GZC33YP17/sva/2vn1jdno63Xm2p0vl5vmnnH1oWKW7VUbzu2cW2t1Fy7saO+7NQXF9tqagtjmcWG7bpqam2t2m1t1rXZaKt5ZCo1tSxLxzLSa/oPHFFamZkxhSMZDJIw0mllo1Ew/R0rSyvHMSgAAHCydJv/z30M1nWb/z+uuFpxtbZX/p+SA+X/ffKH/H/4+A7pKeLn/5sdk0acDemtG4CCyYTX707k/wAAAAAAAAAAAAAAAAAAAAAAnAYbnpf1PC8bLaPPUPjOTPQ96XHiaHTx+/clOFwcstiLe8MizqtWqVUKlkF9oSwVccSWibTIT/98CAXl6RvFqQn15WTVWQrj/ZcEh6L4SK5z/GQQr7H4pVYpLZl4/3nJyn+d4/O74tMi0ioNypXLsXhLsvLpodTFkQX/vN6Ofzmpev1WcVf/I347AAAAAADOAkt/y+28/w1mk7QsjaYN2VUfrFyW6PmAZPd4PqCyOijb8QNyfiC5/QYAAAAAoJe47edV4zh2g8LBCr146KxwFuW/NvY8b2mr0b93mhKRhPb0m4icgAMeK6QP44L9+jTYyH4aJ/WPBAAAAOCobCf9SY8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDetd/Jw6L23cw9FuuuP5m9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6GXwEAAP//2MgYNQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x260140, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
umount2(&(0x7f00000001c0)='./file0\x00', 0x2)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x4040)

5.406869144s ago: executing program 2 (id=256):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x4}}}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x4)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x3c, 0x0, 0xfc352beb38babd3a, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "beb651bb1faf90be2d9431391043cc99"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8004)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = io_uring_setup(0x1de0, &(0x7f0000001040)={0x0, 0x764, 0x0, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
ioctl(r4, 0x8b2a, 0x0)

4.466991825s ago: executing program 0 (id=257):
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vxcan0\x00', <r5=>0x0})
connect$can_bcm(r4, &(0x7f0000000140)={0x1d, r5}, 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="05"], 0x48}}, 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="06"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x2004c800)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)

4.438870333s ago: executing program 33 (id=238):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r6, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

4.409405679s ago: executing program 2 (id=259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = socket(0x22, 0x2, 0x24)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
close(r3)
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x12d, &(0x7f0000000200)="$eJzs2r9Kw1AUBvCjCEIfwamQgHXIf62DuyA4+QSG9t704o23JIK0U/EFFIfrI7i6iW4+QmafQN/AKZI2sTZ316Hfb7kfOZeTZDnTcTKVBjx3iPZm92cfm5lKu/3ocMADHtPCCRF1q1CU5YNLhvOfelHOXOOC9VqfvUSfvnAhWWj2AAAAAAAAAAAAAAAAAAAAAABYE9ZnHTojrR65kCz4Vc0n04tYSpblzROb6h0d4lodVfejlX69LyJ7vr8j9PFNVfdX6nbTaXek1Ub7fd5VOvbyydQRaZywhF2GYdT3933/IPTmvbx2R/uu/iYqyuexuU9kPy33id59c5+IOotja0fo2+t29+X/IyAgIDShPT9ouB1Zb9X8cAdKDv9wfhgTDeCffAcAAP//NHw5bA==")

3.294775905s ago: executing program 0 (id=260):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x208040, &(0x7f0000000080), 0x80, 0x63c, &(0x7f0000001bc0)="$eJzs3c9rG9kdAPDvjCwnTtw6KaU0aUsNPSRQothpaNqekvTQHAINNIdSeoiJ7dRE+UHsQOIG4kAPLbRQSq+l5NJ/oPRafF32tizs5rbnheyyZHcPu0u0zGgUK7IUa23L0mY+H5D05s1I7301enpvZjSaAEprOrtLI45ExJUkYqpt3mQ0Z04Xyz376MHV7JZEo/GbD5NIirzW8s+Lx4PZXdJ8zlvnI75V2Vzu8v3V63P1RtPDiJMrN26fXL6/emLpxty1hWsLN2dP/ez0mZmfz76xO3EeLB4vXPz19//2pz/8dPHt+okkzsbl6h/noyOO3TLdfHcjC7E9fywizmSJLu8L7KVK8XmsRsR3Yioq+VTTVCz9daiVAwaqUWn2T43xBlA6SQy7BsBwtMYBrW37QWwHj7Kn57L7e13iHyu23vfn20YHniVtW0ZZbsShXSh/LSK+eHD0X9kteuyHGNuFcnqW/ygivttt/Sd5/IfySLP400jbnpelZ4p9G1n9frmDOiRt6f4+fw93UNrLvkr87eshi/9s8Zjln+/x+lvt4pnumC5b+wNgONbPFR15NhCJjf4vGxm2xj/ROf5p/C8/NtTZd21H7/4v3YVX31o+/hvr1v+3+vv9eR+edozDklj75FL3l6x2Zrz3lwv/6FX+dNv4L7tl5bfGgn3Y8dDw6aOIox3x/zl/65MX6z/pMv7NFrnSZxm/eueDC73m7TD+HWs8jjjWdftnY1SapTqOTybROj55evbk4lJ9YaZ537WM/7/5+//0Kn/Y8Wfr/8BL8a9+rznn1es/y7vdZxn/vfT4RjO1b9O8yS3jT98fTy7nqfH8fqN5jScXi0WaD/fmVlbunHp1XVrL5I+zzfiP/6h7++8Rf77xMdH6yuzD7d9ef9b6Hu20w/X/vNHngr1k8c/3+Pxvtf7/3mcZn/7u7g+6zmi9JS/Fv7FPYmKbMQEAAAAAAEBZpfkx2CStvUinaa048PbtOJDWby2v/Hjx1t2b8xHH899DVtPWke6p5nSSTc8Wv4dtTZ/qmP5JRByOiH9WJvLp2tVqfX7YwQMAAAAAAAAAAAAAAAAAAMCIOFic//+8uB7Yx5U0rdWGXStgzwzyAnPAaNP+obzy9r8311sDRoz+H8qra/v3pQCloKlDeWn/UF7aP5SX9g/lpf1DefVu/5vmPBp0XQAAAACAXXP4h+tPxiJi7RcT+S0zXsyrDrVmwKB1tHFHAqFEKsOuADA0Lzp8p/9D6fS1jf9Z8eeAg68OMARJt8x8cNB4deNf7/pMAAAAAAAAAAAAAGAAjh1Zf5I4/x9KyWl/UF7bO/+/sv2nAiOj2x/++BMgKAfb+FByfewE2N9rhvP/AQAAAAAAAAAAAGDPTOa3JK0VPwOejDSt1SK+ERGHoposLtUXZiLimxHxbqW6L5ueHXalAQAAAAAAAAAAAAAAAAAA4DWzfH/1+ly9vnCnPfH5ppzXO9G64umo1Kc9EcnAi0ijI2ciIkYh9sEkxtpykoi1bM3vxisnO//8xCi8P0ViyF9MAAAAAAAAAAAAAAAAAABQQm3nHnd39N97XCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Hsb1/8fXGLYMQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX09fBgAA//925zoW")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
accept4$unix(r1, 0x0, &(0x7f00000000c0), 0x80000)
r3 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0x14, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f0000000040)='pkcs7_test\x00', 0x0, &(0x7f00000000c0), 0x0, r4)

1.961262135s ago: executing program 34 (id=243):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x2000c000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x4, &(0x7f0000000440)=ANY=[], 0x0, 0x6, 0x21, &(0x7f0000000200)=""/33, 0x41100, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff], 0xffffffffffffffff, 0x10, 0x2}, 0x94)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
recvmmsg(r3, 0x0, 0x0, 0x40010000, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
unshare(0x40000080)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
setitimer(0x2, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.808185515s ago: executing program 2 (id=262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r4, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x2, 0x6, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1.807497952s ago: executing program 0 (id=263):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0x6}, {&(0x7f0000000140)=""/9, 0xa}, {&(0x7f0000000300)=""/225, 0x2}, {&(0x7f0000000400)=""/41, 0xfeb2}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f00000004c0)=""/203, 0xcb}], 0x6, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{&(0x7f00000006c0), 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0xffffffffffffffe0}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680})

1.469342863s ago: executing program 0 (id=264):
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x40000022)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x1a8, 0x111, 0x4b4, 0x0, 0x700, 0x2b0, 0x278, 0x278, 0x2b0, 0x278, 0x3, 0x0, {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @empty, [0x0, 0x0, 0x0, 0xff0000ff], [0x1fffffffe, 0x0, 0xffffff00, 0xff], 'vlan0\x00', 'veth0_vlan\x00', {}, {0xff}, 0x6}, 0x0, 0x140, 0x1a8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20]}}, @common=@unspec=@helper={{0x48}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x3, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x67, 0x40}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)

403.015342ms ago: executing program 2 (id=265):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000040)={0x4, 0x1, 0x0, "27425289090000002472c1466a00ffcfea0be6a92a92df4b572b899d13f019e3"})
sendmsg$NL80211_CMD_SET_MAC_ACL(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)={0x1c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x2000c045}, 0x40008094)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r2, 0x0, 0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x20, 0x10, 0xffffffffffffffff, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x4157d}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x8000042)
io_uring_setup(0x2c49, &(0x7f0000003c40)={0x0, 0xaaf5, 0x100, 0x2})
r5 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c000090400000207010100090501020002"], 0x0)
syz_usb_control_io$printer(r5, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwritev2(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a3000000100090003007379"], 0x7c}}, 0x0)

0s ago: executing program 0 (id=266):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
close(0x3)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
setreuid(0xee01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$netlink(0x10, 0x3, 0x4)
syz_clone(0x108e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.45' (ED25519) to the list of known hosts.
[   74.862555][ T5809] cgroup: Unknown subsys name 'net'
[   74.991128][ T5809] cgroup: Unknown subsys name 'cpuset'
[   75.000436][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   76.464916][ T5809] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   80.591270][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.601066][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   80.605767][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.609502][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   80.617160][ T5831] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.623683][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.630876][ T5831] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.638728][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   80.645647][ T5831] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.652013][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.666288][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   80.667303][ T5831] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.681863][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   80.686607][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   80.691994][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.697518][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   80.704360][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.711330][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   80.718505][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.732868][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   80.738078][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   80.740883][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   80.755217][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   80.755336][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   80.771078][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   81.468397][ T5819] chnl_net:caif_netlink_parms(): no params data found
[   81.496804][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   81.658356][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   81.676435][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   81.733513][ T5820] chnl_net:caif_netlink_parms(): no params data found
[   81.807015][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.814331][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.821939][ T5821] bridge_slave_0: entered allmulticast mode
[   81.829317][ T5821] bridge_slave_0: entered promiscuous mode
[   81.850990][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.858323][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.865632][ T5819] bridge_slave_0: entered allmulticast mode
[   81.872881][ T5819] bridge_slave_0: entered promiscuous mode
[   81.895236][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.902505][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.910209][ T5821] bridge_slave_1: entered allmulticast mode
[   81.917289][ T5821] bridge_slave_1: entered promiscuous mode
[   81.929799][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.937054][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.944323][ T5819] bridge_slave_1: entered allmulticast mode
[   81.951406][ T5819] bridge_slave_1: entered promiscuous mode
[   82.034611][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.065291][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.095594][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.118591][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.209796][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.217004][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.224567][ T5822] bridge_slave_0: entered allmulticast mode
[   82.231733][ T5822] bridge_slave_0: entered promiscuous mode
[   82.250854][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.258674][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.266072][ T5833] bridge_slave_0: entered allmulticast mode
[   82.273811][ T5833] bridge_slave_0: entered promiscuous mode
[   82.284030][ T5819] team0: Port device team_slave_0 added
[   82.302975][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.310358][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.318113][ T5822] bridge_slave_1: entered allmulticast mode
[   82.325123][ T5822] bridge_slave_1: entered promiscuous mode
[   82.334515][ T5821] team0: Port device team_slave_0 added
[   82.344461][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.351772][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.358980][ T5833] bridge_slave_1: entered allmulticast mode
[   82.365980][ T5833] bridge_slave_1: entered promiscuous mode
[   82.375829][ T5819] team0: Port device team_slave_1 added
[   82.381671][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.388939][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.396074][ T5820] bridge_slave_0: entered allmulticast mode
[   82.403358][ T5820] bridge_slave_0: entered promiscuous mode
[   82.424760][ T5821] team0: Port device team_slave_1 added
[   82.454079][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.461362][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.469278][ T5820] bridge_slave_1: entered allmulticast mode
[   82.476311][ T5820] bridge_slave_1: entered promiscuous mode
[   82.545791][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.570721][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.581048][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.588229][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.614938][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.639432][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.653942][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.661158][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.687796][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.701631][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.727019][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.734688][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.734827][ T5830] Bluetooth: hci1: command tx timeout
[   82.760724][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.772922][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.800111][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.807083][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.834312][ T5830] Bluetooth: hci4: command tx timeout
[   82.838324][ T5144] Bluetooth: hci2: command tx timeout
[   82.840552][ T5830] Bluetooth: hci0: command tx timeout
[   82.845997][ T5144] Bluetooth: hci3: command tx timeout
[   82.852458][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.883660][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.929791][ T5833] team0: Port device team_slave_0 added
[   82.938405][ T5833] team0: Port device team_slave_1 added
[   82.958089][ T5822] team0: Port device team_slave_0 added
[   82.968793][ T5822] team0: Port device team_slave_1 added
[   82.999308][ T5820] team0: Port device team_slave_0 added
[   83.008629][ T5820] team0: Port device team_slave_1 added
[   83.083811][ T5819] hsr_slave_0: entered promiscuous mode
[   83.090444][ T5819] hsr_slave_1: entered promiscuous mode
[   83.097904][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.104884][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.131091][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.169536][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.176502][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.203120][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.216343][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.223505][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.249676][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.261978][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.268993][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.295376][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.310683][ T5821] hsr_slave_0: entered promiscuous mode
[   83.317146][ T5821] hsr_slave_1: entered promiscuous mode
[   83.323477][ T5821] debugfs: 'hsr0' already exists in 'hsr'
[   83.329562][ T5821] Cannot create hsr debugfs directory
[   83.336022][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.343217][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.369970][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.383344][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.390489][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.416789][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.628100][ T5822] hsr_slave_0: entered promiscuous mode
[   83.634644][ T5822] hsr_slave_1: entered promiscuous mode
[   83.641409][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   83.647151][ T5822] Cannot create hsr debugfs directory
[   83.677284][ T5833] hsr_slave_0: entered promiscuous mode
[   83.685219][ T5833] hsr_slave_1: entered promiscuous mode
[   83.692124][ T5833] debugfs: 'hsr0' already exists in 'hsr'
[   83.698154][ T5833] Cannot create hsr debugfs directory
[   83.752285][ T5820] hsr_slave_0: entered promiscuous mode
[   83.758866][ T5820] hsr_slave_1: entered promiscuous mode
[   83.765021][ T5820] debugfs: 'hsr0' already exists in 'hsr'
[   83.770944][ T5820] Cannot create hsr debugfs directory
[   84.285315][ T5819] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   84.297960][ T5819] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   84.317397][ T5819] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   84.328943][ T5819] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   84.373324][ T5821] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.390786][ T5821] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.401491][ T5821] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.412156][ T5821] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.542163][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   84.563250][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   84.601848][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   84.613790][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   84.711200][ T5833] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   84.736784][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.747029][ T5833] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   84.759458][ T5833] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   84.772745][ T5833] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   84.803755][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.811236][ T5144] Bluetooth: hci1: command tx timeout
[   84.842585][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   84.889062][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   84.896398][ T5832] Bluetooth: hci0: command tx timeout
[   84.896418][ T5830] Bluetooth: hci2: command tx timeout
[   84.901995][ T5832] Bluetooth: hci4: command tx timeout
[   84.913690][ T5144] Bluetooth: hci3: command tx timeout
[   84.927250][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   84.945013][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.952670][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.969546][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   84.980386][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   85.004018][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   85.016246][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.023711][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.060503][ T2903] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.067636][ T2903] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.079842][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.086943][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.204809][ T5819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.280578][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.354437][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   85.384300][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.445156][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.476132][ T2903] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.483737][ T2903] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.516206][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.523636][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.575567][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   85.600942][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.621236][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   85.645977][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.653238][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.662523][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.669906][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.680704][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.687918][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.730736][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.737985][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.789188][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.814061][ T5822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.977645][ T5833] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   86.001447][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.035875][ T5819] veth0_vlan: entered promiscuous mode
[   86.132033][ T5821] veth0_vlan: entered promiscuous mode
[   86.162489][ T5819] veth1_vlan: entered promiscuous mode
[   86.226688][ T5821] veth1_vlan: entered promiscuous mode
[   86.296094][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.334745][ T5819] veth0_macvtap: entered promiscuous mode
[   86.360655][ T5819] veth1_macvtap: entered promiscuous mode
[   86.385431][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.403879][ T5821] veth0_macvtap: entered promiscuous mode
[   86.433684][ T5821] veth1_macvtap: entered promiscuous mode
[   86.465509][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.476047][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.506496][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.531614][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.545250][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.553567][ T5822] veth0_vlan: entered promiscuous mode
[   86.607845][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.617281][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.669955][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.683997][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.706205][ T5822] veth1_vlan: entered promiscuous mode
[   86.722154][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.733641][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.781394][ T1039] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.792940][ T1039] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.884922][ T5820] veth0_vlan: entered promiscuous mode
[   86.902167][ T5832] Bluetooth: hci1: command tx timeout
[   86.914933][ T2903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.940879][ T2903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.968669][ T5832] Bluetooth: hci3: command tx timeout
[   86.974206][ T5832] Bluetooth: hci4: command tx timeout
[   86.979780][ T5144] Bluetooth: hci2: command tx timeout
[   86.980717][ T5830] Bluetooth: hci0: command tx timeout
[   87.035465][ T5820] veth1_vlan: entered promiscuous mode
[   87.056332][ T5822] veth0_macvtap: entered promiscuous mode
[   87.110067][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.127448][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.145360][ T5822] veth1_macvtap: entered promiscuous mode
[   87.201215][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.216664][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.250948][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.267762][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.292906][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.344577][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.363278][ T5820] veth0_macvtap: entered promiscuous mode
[   87.379410][ T5833] veth0_vlan: entered promiscuous mode
[   87.388582][ T5821] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   87.414243][ T5820] veth1_macvtap: entered promiscuous mode
[   87.435890][   T50] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.468544][ T5833] veth1_vlan: entered promiscuous mode
[   87.480318][   T50] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.558367][   T50] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.567138][   T50] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.614311][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.653413][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.817459][ T5950] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   88.137288][ T5954] syz.0.1 uses obsolete (PF_INET,SOCK_PACKET)
[   88.328799][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.337899][ T2903] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.352872][ T5952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.368129][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.381368][ T5952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.494326][ T2903] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.507992][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   88.508730][ T2903] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.779496][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.820966][ T5833] veth0_macvtap: entered promiscuous mode
[   88.974077][ T5830] Bluetooth: hci1: command tx timeout
[   89.022660][ T5833] veth1_macvtap: entered promiscuous mode
[   89.048387][ T5830] Bluetooth: hci4: command tx timeout
[   89.053979][ T5830] Bluetooth: hci0: command tx timeout
[   89.059882][ T5830] Bluetooth: hci2: command tx timeout
[   89.065396][ T5830] Bluetooth: hci3: command tx timeout
[   89.298064][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   89.327508][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   89.765174][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.906890][ T5964] loop3: detected capacity change from 0 to 256
[   90.457195][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.508059][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   90.530978][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.563358][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.658685][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   90.767528][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.788140][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   90.814551][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.289152][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   91.431174][ T5952] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.439674][ T5952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.230799][   T24] cfg80211: failed to load regulatory.db
[   92.338010][ T5974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.345863][ T5974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.810679][ T5974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.886716][ T5974] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.330783][ T5994] delete_channel: no stack
[   96.010797][ T5990] delete_channel: no stack
[   96.375346][ T5974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.562967][ T6000] loop3: detected capacity change from 0 to 2048
[   96.651570][ T6000] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   96.934996][ T5974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.082708][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.359410][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.394280][ T1039] Bluetooth: hci5: Frame reassembly failed (-84)
[   98.435858][ T6018] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   98.469902][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.131054][ T5832] Bluetooth: hci2: command 0x0406 tx timeout
[  100.411438][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  101.605529][ T6038] mmap: syz.4.21 (6038) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  102.827462][ T6045] loop2: detected capacity change from 0 to 1024
[  103.073573][ T6049] =======================================================
[  103.073573][ T6049] WARNING: The mand mount option has been deprecated and
[  103.073573][ T6049]          and is ignored by this kernel. Remove the mand
[  103.073573][ T6049]          option from the mount to silence this warning.
[  103.073573][ T6049] =======================================================
[  103.776412][ T5974] hfsplus: b-tree write err: -5, ino 4
[  105.999986][ T6072] loop4: detected capacity change from 0 to 512
[  106.128984][ T6073] netlink: 20 bytes leftover after parsing attributes in process `syz.0.31'.
[  107.119572][ T6072] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  107.128978][ T6072] EXT4-fs (loop4): orphan cleanup on readonly fs
[  107.137885][ T6072] Quota error (device loop4): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[  107.151317][ T6072] EXT4-fs warning (device loop4): ext4_enable_quotas:7181: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  107.187942][ T6072] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  107.201888][ T6072] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.29: bg 0: block 40: padding at end of block bitmap is not set
[  107.220614][ T6072] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  107.234576][ T6072] EXT4-fs (loop4): 1 truncate cleaned up
[  107.264044][ T6072] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.090406][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.424361][   T30] audit: type=1326 audit(1762869138.308:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  110.459500][ T6091] overlayfs: failed to resolve './file0': -2
[  110.540116][ T6094] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  110.546867][ T6094] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  110.574994][ T6094] vhci_hcd vhci_hcd.0: Device attached
[  110.623255][ T6097] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(7)
[  110.629803][ T6097] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  110.830694][    T9] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  111.070136][    T9] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  111.504163][   T30] audit: type=1326 audit(1762869138.358:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  111.589009][ T6097] vhci_hcd vhci_hcd.0: Device attached
[  111.643747][ T6094] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(9)
[  111.650305][ T6094] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  111.675188][ T6106] netlink: 20 bytes leftover after parsing attributes in process `syz.2.40'.
[  111.725303][ T6103] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(6)
[  111.731868][ T6103] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  111.742434][ T6106] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  111.788416][   T30] audit: type=1326 audit(1762869138.358:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  111.861516][ T6106] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns
[  111.871000][ T6106] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  111.894730][ T6094] vhci_hcd vhci_hcd.0: Device attached
[  111.906791][ T6103] vhci_hcd vhci_hcd.0: Device attached
[  111.912628][   T30] audit: type=1326 audit(1762869138.358:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  111.977788][   T30] audit: type=1326 audit(1762869138.358:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  112.651090][   T30] audit: type=1326 audit(1762869138.368:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  112.712859][ T6094] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  112.719502][ T6094] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  112.977443][ T6094] vhci_hcd vhci_hcd.0: Device attached
[  112.996152][   T30] audit: type=1326 audit(1762869138.368:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  113.018410][   T30] audit: type=1326 audit(1762869138.368:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  113.040891][   T30] audit: type=1326 audit(1762869138.378:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f950f59161a code=0x7ffc0000
[  113.116525][   T30] audit: type=1326 audit(1762869138.378:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f950f58df10 code=0x7ffc0000
[  113.230077][ T6099] vhci_hcd: connection closed
[  113.234531][ T6114] vhci_hcd: connection closed
[  113.240801][ T6095] vhci_hcd: connection reset by peer
[  113.253975][ T6107] vhci_hcd: connection closed
[  113.254494][ T6108] vhci_hcd: connection closed
[  113.265996][   T13] vhci_hcd vhci_hcd.1: stop threads
[  113.307278][   T30] audit: type=1326 audit(1762869138.378:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f950f58e17f code=0x7ffc0000
[  113.331715][   T13] vhci_hcd vhci_hcd.1: release socket
[  113.345074][ T6111] loop0: detected capacity change from 0 to 8192
[  113.525159][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  113.538827][   T13] vhci_hcd vhci_hcd.1: stop threads
[  113.544296][   T13] vhci_hcd vhci_hcd.1: release socket
[  113.570197][   T30] audit: type=1326 audit(1762869138.918:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f950f58e32a code=0x7ffc0000
[  113.590617][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  114.238821][   T13] vhci_hcd vhci_hcd.1: stop threads
[  114.249038][   T13] vhci_hcd vhci_hcd.1: release socket
[  114.271035][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  114.319189][   T13] vhci_hcd vhci_hcd.1: stop threads
[  114.324409][   T13] vhci_hcd vhci_hcd.1: release socket
[  114.343119][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  114.357804][   T30] audit: type=1326 audit(1762869138.938:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  114.372006][ T6127] Zero length message leads to an empty skb
[  114.401648][   T13] vhci_hcd vhci_hcd.1: stop threads
[  114.414168][ T6126] loop4: detected capacity change from 0 to 8
[  114.521147][   T13] vhci_hcd vhci_hcd.1: release socket
[  114.527850][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  114.548096][   T30] audit: type=1326 audit(1762869138.948:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950f58f6c9 code=0x7ffc0000
[  115.165526][   T30] audit: type=1326 audit(1762869139.518:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.1.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f950f59161a code=0x7ffc0000
[  115.482621][ T6132] SQUASHFS error: Failed to read block 0x1ec: -5
[  115.490320][ T6132] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  116.178781][ T6145] loop0: detected capacity change from 0 to 256
[  116.857926][    T9] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  117.049127][ T6145] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d)
[  117.074156][ T6152] overlayfs: failed to resolve './file1': -2
[  117.093543][ T6145] exFAT-fs (loop0): failed to load alloc-bitmap
[  117.110455][ T6145] exFAT-fs (loop0): failed to recognize exfat type
[  117.908419][ T6160] loop3: detected capacity change from 0 to 4096
[  118.420131][ T6160] ntfs3(loop3): ino=1, mi_enum_attr
[  118.426029][ T6160] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  118.472617][ T6160] ntfs3(loop3): Failed to load $MFTMirr (-22).
[  118.856121][ T6164] loop0: detected capacity change from 0 to 40427
[  118.866799][ T6164] F2FS-fs (loop0): build fault injection rate: 14
[  118.873392][ T6164] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  119.008227][ T6164] F2FS-fs (loop0): invalid crc value
[  119.029846][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  119.076247][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  119.148359][ T6164] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  119.157553][ T6164] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  119.174742][ T6164] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  119.196275][  T793] usb usb36-port1: attempt power cycle
[  119.259384][ T6165] loop4: detected capacity change from 0 to 8
[  119.426092][ T6175] loop1: detected capacity change from 0 to 256
[  120.425287][ T6173] netlink: 68 bytes leftover after parsing attributes in process `syz.3.56'.
[  120.810278][  T793] usb usb36-port1: unable to enumerate USB device
[  120.849827][ T6164] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  121.216615][ T6177] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_convert_inline_inode+0x6bd/0x880
[  121.582773][ T6182] x_tables: duplicate underflow at hook 1
[  121.927213][ T6187] loop3: detected capacity change from 0 to 64
[  122.671448][ T5821] syz-executor: attempt to access beyond end of device
[  122.671448][ T5821] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  122.743086][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  122.743113][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  122.743140][ T5821] Call Trace:
[  122.743148][ T5821]  <TASK>
[  122.743164][ T5821]  dump_stack_lvl+0x189/0x250
[  122.743192][ T5821]  ? preempt_schedule_thunk+0x16/0x30
[  122.743215][ T5821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.743238][ T5821]  ? __pfx_queue_work_on+0x10/0x10
[  122.743258][ T5821]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  122.743284][ T5821]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  122.743317][ T5821]  f2fs_handle_critical_error+0x37c/0x540
[  122.743352][ T5821]  f2fs_write_end_io+0x886/0xb60
[  122.743390][ T5821]  __submit_merged_bio+0x256/0x6a0
[  122.743424][ T5821]  __submit_merged_write_cond+0x255/0x530
[  122.743459][ T5821]  f2fs_write_data_pages+0x261d/0x3000
[  122.743507][ T5821]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  122.743587][ T5821]  ? __lock_acquire+0xab9/0xd20
[  122.743617][ T5821]  ? do_raw_spin_lock+0x121/0x290
[  122.743643][ T5821]  ? do_raw_spin_unlock+0x122/0x240
[  122.743659][ T5821]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  122.743679][ T5821]  do_writepages+0x32e/0x550
[  122.743714][ T5821]  ? do_raw_spin_unlock+0x122/0x240
[  122.743737][ T5821]  filemap_fdatawrite+0x199/0x240
[  122.743763][ T5821]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  122.743828][ T5821]  ? preempt_schedule_thunk+0x16/0x30
[  122.743858][ T5821]  f2fs_sync_dirty_inodes+0x30f/0x830
[  122.743895][ T5821]  f2fs_write_checkpoint+0x93e/0x2440
[  122.743915][ T5821]  ? __lock_acquire+0xab9/0xd20
[  122.743962][ T5821]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  122.744045][ T5821]  kill_f2fs_super+0x2cc/0x6d0
[  122.744073][ T5821]  ? __pfx_kill_f2fs_super+0x10/0x10
[  122.744108][ T5821]  ? shrinker_free+0x2ce/0x3e0
[  122.744132][ T5821]  deactivate_locked_super+0xbc/0x130
[  122.744163][ T5821]  cleanup_mnt+0x425/0x4c0
[  122.744183][ T5821]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.744213][ T5821]  task_work_run+0x1d4/0x260
[  122.744237][ T5821]  ? __pfx_task_work_run+0x10/0x10
[  122.744262][ T5821]  ? exit_to_user_mode_loop+0x55/0x4f0
[  122.744289][ T5821]  exit_to_user_mode_loop+0xff/0x4f0
[  122.744312][ T5821]  ? rcu_is_watching+0x15/0xb0
[  122.744341][ T5821]  do_syscall_64+0x2e9/0xfa0
[  122.744359][ T5821]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.744377][ T5821]  ? clear_bhb_loop+0x60/0xb0
[  122.744399][ T5821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.744414][ T5821] RIP: 0033:0x7fb8763909f7
[  122.744437][ T5821] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  122.744453][ T5821] RSP: 002b:00007ffc84d70f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  122.744479][ T5821] RAX: 0000000000000000 RBX: 00007fb876411d7d RCX: 00007fb8763909f7
[  122.744492][ T5821] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc84d71040
[  122.744502][ T5821] RBP: 00007ffc84d71040 R08: 0000000000000000 R09: 0000000000000000
[  122.744512][ T5821] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc84d720d0
[  122.744523][ T5821] R13: 00007fb876411d7d R14: 000000000001db78 R15: 00007ffc84d72110
[  122.744552][ T5821]  </TASK>
[  122.746424][ T5821] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  123.610319][ T6194] loop1: detected capacity change from 0 to 1024
[  123.668050][ T6198] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  126.473389][ T6208] loop2: detected capacity change from 0 to 2048
[  126.773484][ T6211] Context (ID=0x1) not attached to queue pair (handle=0x2:0x40)
[  128.047446][ T6219] loop1: detected capacity change from 0 to 764
[  128.499689][ T6225] Symlink component flag not implemented
[  128.505523][ T6225] Symlink component flag not implemented
[  128.511467][ T6225] Symlink component flag not implemented (128)
[  128.517762][ T6225] Symlink component flag not implemented (122)
[  133.107552][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  133.114734][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  134.545097][ T6265] loop4: detected capacity change from 0 to 128
[  134.572327][ T6265] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4636: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  134.626945][ T6265] EXT4-fs (loop4): Encoding requested by superblock is unknown
[  136.238931][ T6274] syz_tun: entered allmulticast mode
[  136.954711][ T6286] loop4: detected capacity change from 0 to 8192
[  136.994657][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  136.994675][   T30] audit: type=1800 audit(1762869164.888:46): pid=6286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.80" name="file1" dev="loop4" ino=1048654 res=0 errno=0
[  138.828775][ T6274] syz_tun: left allmulticast mode
[  141.597949][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  141.697759][ T6311] team_slave_0: entered promiscuous mode
[  141.703799][ T6311] team_slave_1: entered promiscuous mode
[  141.710310][ T6311] macsec1: entered promiscuous mode
[  141.716198][ T6311] team0: entered promiscuous mode
[  141.723681][ T6311] macsec1: entered allmulticast mode
[  141.729610][ T6311] team0: entered allmulticast mode
[  141.735169][ T6311] team_slave_0: entered allmulticast mode
[  141.741210][ T6311] team_slave_1: entered allmulticast mode
[  141.910446][ T6311] team0: left allmulticast mode
[  141.915642][ T6311] team_slave_0: left allmulticast mode
[  141.924567][ T6311] team_slave_1: left allmulticast mode
[  141.931704][ T6311] team0: left promiscuous mode
[  141.939179][ T6311] team_slave_0: left promiscuous mode
[  141.944709][ T6311] team_slave_1: left promiscuous mode
[  147.545325][ T6339] loop4: detected capacity change from 0 to 2048
[  148.222513][ T6339] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.958178][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  149.323995][ T6360] loop1: detected capacity change from 0 to 512
[  150.161429][ T6360] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  150.262848][ T6360] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  150.284648][ T6364] loop3: detected capacity change from 0 to 512
[  150.302301][   T10] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  150.315652][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.357027][   T10] usb 3-1: Product: syz
[  150.362130][   T10] usb 3-1: Manufacturer: syz
[  150.366745][   T10] usb 3-1: SerialNumber: syz
[  150.386936][ T6360] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.100: bad orphan inode 131083
[  150.564802][ T6360] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.584129][   T10] usb 3-1: config 0 descriptor??
[  150.611261][ T6369] loop4: detected capacity change from 0 to 32768
[  150.999699][ T6369] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.051808][   T10] gspca_main: sunplus-2.14.0 probing 055f:c230
[  151.868188][   T10] gspca_sunplus: reg_r err -110
[  151.873274][   T10] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  151.926734][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.960677][ T6369] XFS (loop4): Ending clean mount
[  152.778710][ T2903] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x126/0x1f0, xfs_agfl block 0x3 
[  152.806560][ T2903] XFS (loop4): Unmount and run xfs_repair
[  152.844587][ T2903] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  152.859790][ T2903] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  153.265205][ T2903] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  153.284619][ T2903] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  153.348097][ T2903] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  153.384565][  T793] usb 3-1: USB disconnect, device number 2
[  153.420391][ T2903] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  153.476779][ T2903] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  153.535696][ T2903] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  153.556485][ T2903] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  153.587951][ T2903] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x202/0x410" at daddr 0x3 len 1 error 74
[  153.616618][ T2903] XFS (loop4): page discard on page ffffea00014f68c0, inode 0x2449, pos 0.
[  154.585448][ T5833] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.980097][ T6396] process 'syz.3.106' launched './file0' with NULL argv: empty string added
[  155.093273][ T5833] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair.
[  155.406185][ T6400] loop2: detected capacity change from 0 to 4096
[  158.922991][ T6400] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  159.024719][ T6400] ntfs3(loop2): Failed to read $AttrDef (-4).
[  159.432676][ T6404] loop3: detected capacity change from 0 to 2048
[  159.453828][ T6404] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362
[  159.561958][ T6404] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  159.596870][ T6404] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  159.646716][ T6404] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.547543][ T6409] loop1: detected capacity change from 0 to 4096
[  161.261971][   T30] audit: type=1804 audit(1762869189.098:47): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.112" name="/newroot/21/file0/file1" dev="loop1" ino=30 res=1 errno=0
[  163.952436][ T6445] loop0: detected capacity change from 0 to 128
[  163.964449][ T6445] vxfs: Unknown parameter 'âsßgæ'
[  166.047354][ T6465] loop4: detected capacity change from 0 to 16
[  169.979824][ T6483] loop3: detected capacity change from 0 to 22
[  169.987306][ T6483] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  170.006726][ T6483] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  170.569869][ T6492] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  170.969473][ T6496] netlink: 'syz.4.130': attribute type 10 has an invalid length.
[  170.977883][ T6496] netlink: 40 bytes leftover after parsing attributes in process `syz.4.130'.
[  171.040266][ T6496] batman_adv: batadv0: Adding interface: virt_wifi0
[  171.049180][ T6496] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  171.075212][ T6496] batman_adv: batadv0: Interface activated: virt_wifi0
[  171.675458][ T6500] hugetlbfs: syz.1.131 (6500): Using mlock ulimits for SHM_HUGETLB is obsolete
[  172.881249][ T6505] loop3: detected capacity change from 0 to 1024
[  173.683531][ T6505] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.831363][ T6505] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.365109][ T6523] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  174.372563][ T6523] overlayfs: failed to set xattr on upper
[  174.378517][ T6523] overlayfs: ...falling back to redirect_dir=nofollow.
[  174.385526][ T6523] overlayfs: ...falling back to index=off.
[  174.391610][ T6523] overlayfs: ...falling back to uuid=null.
[  174.456560][ T6524] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  178.379308][ T6551] loop4: detected capacity change from 0 to 22
[  178.386699][ T6551] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  178.394154][ T6551] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  180.795690][ T6565] loop0: detected capacity change from 0 to 1024
[  180.809873][ T6574] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/nullb0": -EINTR
[  182.136518][ T6585] loop2: detected capacity change from 0 to 2048
[  182.614524][ T6585] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  183.255491][   T30] audit: type=1326 audit(1762869211.118:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  183.298958][   T30] audit: type=1326 audit(1762869211.168:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  183.484263][   T30] audit: type=1326 audit(1762869211.198:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  183.510681][   T30] audit: type=1326 audit(1762869211.378:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  183.585500][   T30] audit: type=1326 audit(1762869211.478:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  183.594104][   T30] audit: type=1326 audit(1762869211.478:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6594 comm="syz.4.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddb778f6c9 code=0x7ffc0000
[  185.988740][ T6619] random: crng reseeded on system resumption
[  190.250328][ T6640] loop3: detected capacity change from 0 to 1024
[  190.267300][ T6640] EXT4-fs: Ignoring removed i_version option
[  190.282261][ T6640] EXT4-fs: inline encryption not supported
[  190.444319][ T6640] EXT4-fs (loop3): Test dummy encryption mode enabled
[  191.116921][ T6640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.140238][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.405336][ T6661] trusted_key: syz.1.165 sent an empty control message without MSG_MORE.
[  192.996422][ T6659] loop4: detected capacity change from 0 to 1024
[  193.092580][ T6659] EXT4-fs: Ignoring removed orlov option
[  193.298319][ T6659] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.438255][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.444631][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  195.257411][ T5912] IPVS: starting estimator thread 0...
[  195.685531][ T6678] IPVS: using max 48 ests per chain, 115200 per kthread
[  195.744889][   T30] audit: type=1804 audit(1762869223.628:54): pid=6659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.167" name="/newroot/36/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  195.941136][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.333671][ T6684] loop2: detected capacity change from 0 to 32768
[  196.348656][ T6684] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.173 (6684)
[  196.369823][ T6684] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  196.380219][ T6684] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  196.629047][ T6688] loop4: detected capacity change from 0 to 22
[  196.636265][ T6688] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  196.646716][ T6688] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  196.668864][ T6700] loop1: detected capacity change from 0 to 64
[  196.731184][ T6700] hfs: unable to locate alternate MDB
[  196.736805][ T6700] hfs: continuing without an alternate MDB
[  196.761330][ T6684] BTRFS info (device loop2): enabling ssd optimizations
[  196.768360][ T6684] BTRFS info (device loop2): turning on async discard
[  196.775137][ T6684] BTRFS info (device loop2): enabling free space tree
[  199.122851][ T5822] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  199.908852][ T6725] netlink: 32 bytes leftover after parsing attributes in process `syz.0.176'.
[  200.556291][ T6735] faux_driver vgem: [drm] Unknown color mode 2054; guessing buffer size.
[  201.520814][ T6720] loop4: detected capacity change from 0 to 8192
[  201.715025][   T30] audit: type=1800 audit(1762869229.608:55): pid=6720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.178" name="file1" dev="loop4" ino=1048655 res=0 errno=0
[  206.705442][ T6768] loop3: detected capacity change from 0 to 64
[  206.722433][ T6768] hfs: unable to locate alternate MDB
[  206.728024][ T6768] hfs: continuing without an alternate MDB
[  207.365375][ T5825] Bluetooth: hci2: command 0x0406 tx timeout
[  207.457942][ T5830] Bluetooth: hci1: command 0x0406 tx timeout
[  207.464068][ T5830] Bluetooth: hci4: command 0x0406 tx timeout
[  207.473246][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  207.481007][ T5825] Bluetooth: hci0: command 0x0406 tx timeout
[  214.396904][ T6824] loop2: detected capacity change from 0 to 64
[  214.516934][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  214.527915][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  214.540440][ T6824] hfs: unable to locate alternate MDB
[  214.546501][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  214.575385][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  214.577771][ T6824] hfs: continuing without an alternate MDB
[  214.599032][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  216.679271][ T5832] Bluetooth: hci5: command tx timeout
[  218.516105][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.000748][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.128071][ T5832] Bluetooth: hci5: command tx timeout
[  219.472037][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.495773][ T6864] loop3: detected capacity change from 0 to 22
[  219.513968][ T6864] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  219.554861][ T6864] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  219.760452][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.995432][ T6873] loop1: detected capacity change from 0 to 256
[  220.305914][ T6825] chnl_net:caif_netlink_parms(): no params data found
[  221.198153][   T13] bridge_slave_1: left allmulticast mode
[  221.208081][ T5832] Bluetooth: hci5: command tx timeout
[  221.225032][   T13] bridge_slave_1: left promiscuous mode
[  221.261419][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.651612][   T13] bridge_slave_0: left allmulticast mode
[  221.784687][   T13] bridge_slave_0: left promiscuous mode
[  221.798064][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.882247][ T6886] loop1: detected capacity change from 0 to 8192
[  222.947706][   T30] audit: type=1800 audit(1762869250.828:56): pid=6886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.215" name="file1" dev="loop1" ino=1048657 res=0 errno=0
[  223.398480][ T5832] Bluetooth: hci5: command tx timeout
[  225.943412][ T6912] loop1: detected capacity change from 0 to 128
[  225.980573][ T6912] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  226.000779][ T6912] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  226.035410][ T6916] loop0: detected capacity change from 0 to 512
[  226.057253][ T6916] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  226.159324][ T6916] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.222: bad orphan inode 131083
[  226.173986][ T6916] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.196656][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.219186][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.231066][   T13] bond0 (unregistering): Released all slaves
[  227.407538][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.432879][ T5820] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  227.598815][ T6825] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.606010][ T6825] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.646189][ T6825] bridge_slave_0: entered allmulticast mode
[  227.670902][ T6825] bridge_slave_0: entered promiscuous mode
[  227.715715][ T6825] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.964328][ T6825] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.987899][ T6825] bridge_slave_1: entered allmulticast mode
[  228.006173][ T6825] bridge_slave_1: entered promiscuous mode
[  229.096077][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'.
[  229.722868][ T6954] random: crng reseeded on system resumption
[  231.620925][ T6973] loop2: detected capacity change from 0 to 128
[  231.944050][ T6825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.202184][ T6980] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  232.210243][ T6980] FAT-fs (loop2): Filesystem has been set read-only
[  235.342957][ T6825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.621454][ T6825] team0: Port device team_slave_0 added
[  237.528958][ T6825] team0: Port device team_slave_1 added
[  238.074661][   T13] hsr_slave_0: left promiscuous mode
[  238.117012][   T13] hsr_slave_1: left promiscuous mode
[  238.138925][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.162429][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.232306][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.647343][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.859752][   T13] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  238.935005][   T13] batman_adv: batadv0: Removing interface: virt_wifi0
[  238.984473][ T7032] syz.1.243 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  238.996532][ T7032] random: crng reseeded on system resumption
[  239.054137][   T13] veth1_macvtap: left promiscuous mode
[  239.312037][ T7035] loop2: detected capacity change from 0 to 128
[  239.356485][   T13] veth0_macvtap: left promiscuous mode
[  239.557724][   T13] veth1_vlan: left promiscuous mode
[  239.563348][   T13] veth0_vlan: left promiscuous mode
[  239.653909][ T7039] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  239.661683][ T7039] FAT-fs (loop2): Filesystem has been set read-only
[  241.658042][ T7048] loop2: detected capacity change from 0 to 1024
[  242.496031][ T7051] autofs: Unknown parameter '0x0000000000000000'
[  242.896915][ T7054] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  242.904166][ T7054] overlayfs: failed to set xattr on upper
[  242.913436][ T7054] overlayfs: ...falling back to redirect_dir=nofollow.
[  242.920736][ T7054] overlayfs: ...falling back to index=off.
[  242.930484][ T7054] overlayfs: ...falling back to uuid=null.
[  243.776116][ T7058] loop2: detected capacity change from 0 to 32768
[  243.791372][ T7058] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.250 (7058)
[  243.872397][ T7058] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  243.882701][ T7058] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  244.286235][ T7058] BTRFS info (device loop2): enabling ssd optimizations
[  244.293314][ T7058] BTRFS info (device loop2): turning on async discard
[  244.300450][ T7058] BTRFS info (device loop2): enabling free space tree
[  244.735104][   T30] audit: type=1800 audit(1762869272.608:57): pid=7076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.250" name="file2" dev="loop2" ino=261 res=0 errno=0
[  245.422100][ T5822] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  246.671478][   T13] team0 (unregistering): Port device team_slave_1 removed
[  246.874105][   T13] team0 (unregistering): Port device team_slave_0 removed
[  249.289210][ T7093] loop0: detected capacity change from 0 to 128
[  249.658697][ T6825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.733648][ T7104] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  249.741460][ T7104] FAT-fs (loop0): Filesystem has been set read-only
[  249.762806][ T6825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.134691][ T6825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  250.386540][ T6825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  250.405735][ T6825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.476292][ T6825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  250.819453][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  250.834135][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  250.895083][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  250.910616][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  250.923494][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  251.554761][ T7122] loop0: detected capacity change from 0 to 1024
[  251.624309][ T7122] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  251.663987][ T7122] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  251.698016][ T7122] EXT4-fs (loop0): orphan cleanup on readonly fs
[  251.726893][ T7122] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.260: Freeing blocks not in datazone - block = 0, count = 4096
[  251.767129][ T7122] EXT4-fs (loop0): 1 orphan inode deleted
[  251.818502][ T6825] hsr_slave_0: entered promiscuous mode
[  251.824930][ T6825] hsr_slave_1: entered promiscuous mode
[  251.831722][ T7122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.896985][ T7128] delete_channel: no stack
[  251.903935][ T7128] loop2: detected capacity change from 0 to 22
[  251.911159][ T7128] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  251.941104][ T7128] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  252.152406][ T6825] debugfs: 'hsr0' already exists in 'hsr'
[  252.158306][ T6825] Cannot create hsr debugfs directory
[  252.967780][ T5834] Bluetooth: hci4: command tx timeout
[  252.977981][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.619921][ T5144] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  254.630613][ T5144] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  254.639997][ T5144] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  254.648830][ T5144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  254.657318][ T5144] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  255.101022][ T5144] Bluetooth: hci4: command tx timeout
[  255.187904][ T5921] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  255.290534][ T7030] ------------[ cut here ]------------
[  255.297488][ T7030] WARNING: ./include/linux/ns_common.h:255 at put_mnt_ns+0x152/0x190, CPU#0: syz.1.243/7030
[  255.307816][ T7030] Modules linked in:
[  255.311762][ T7030] CPU: 0 UID: 0 PID: 7030 Comm: syz.1.243 Not tainted syzkaller #0 PREEMPT(full) 
[  255.323513][ T7030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  255.337264][ T7030] RIP: 0010:put_mnt_ns+0x152/0x190
[  255.343324][ T7030] Code: 79 00 00 bf 01 00 00 00 89 ee e8 c9 c0 7d ff 85 ed 7e 1f e8 80 bc 7d ff 5b 41 5e 41 5f 5d e9 55 ab 18 09 cc e8 6f bc 7d ff 90 <0f> 0b 90 e9 33 ff ff ff e8 61 bc 7d ff 4c 89 f7 be 03 00 00 00 5b
[  255.363715][ T7030] RSP: 0018:ffffc9001c07fa68 EFLAGS: 00010293
[  255.370035][ T7030] RAX: ffffffff82436311 RBX: ffff88805c206400 RCX: ffff88801cbabd00
[  255.378230][ T7030] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  255.386288][ T7030] RBP: 00000000ffffffff R08: ffff88805c2064bb R09: 1ffff1100b840c97
[  255.395183][ T7030] R10: dffffc0000000000 R11: ffffed100b840c98 R12: dffffc0000000000
[  255.403413][ T7030] R13: 0000000000000000 R14: ffff88805c2064b8 R15: dffffc0000000000
[  255.411616][ T7030] FS:  0000000000000000(0000) GS:ffff888125ecc000(0000) knlGS:0000000000000000
[  255.422270][ T7030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  255.429030][ T7030] CR2: 0000000000000000 CR3: 00000000274e2000 CR4: 00000000003526f0
[  255.438234][ T7030] Call Trace:
[  255.441612][ T7030]  <TASK>
[  255.444598][ T7030]  free_nsproxy+0x46/0x560
[  255.449352][ T7030]  do_exit+0x6b8/0x2300
[  255.453575][ T7030]  ? irqentry_exit+0x5ba/0x640
[  255.458533][ T7030]  ? __pfx_do_exit+0x10/0x10
[  255.463277][ T7030]  ? preempt_schedule_common+0x83/0xd0
[  255.468842][ T7030]  ? preempt_schedule+0xae/0xc0
[  255.473742][ T7030]  ? __pfx_preempt_schedule+0x10/0x10
[  255.479316][ T7030]  do_group_exit+0x21c/0x2d0
[  255.483967][ T7030]  get_signal+0x1285/0x1340
[  255.488721][ T7030]  arch_do_signal_or_restart+0x9a/0x7a0
[  255.490006][ T5921] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  255.494405][ T7030]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  255.494447][ T7030]  ? schedule+0x16f/0x360
[  255.518258][ T7030]  exit_to_user_mode_loop+0x87/0x4f0
[  255.526023][ T7030]  ? rcu_is_watching+0x15/0xb0
[  255.531209][ T7030]  do_syscall_64+0x2e9/0xfa0
[  255.535950][ T7030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.542226][ T7030]  ? clear_bhb_loop+0x60/0xb0
[  255.546964][ T7030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.552991][ T7030] RIP: 0033:0x7f950f58f6c9
[  255.557456][ T7030] Code: Unable to access opcode bytes at 0x7f950f58f69f.
[  255.564666][ T7030] RSP: 002b:00007f95104ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  255.573324][ T7030] RAX: fffffffffffffffc RBX: 00007f950f7e6180 RCX: 00007f950f58f6c9
[  255.575238][ T5921] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  255.581452][ T7030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  255.581473][ T7030] RBP: 00007f950f611f91 R08: 0000000000000000 R09: 0000000000000000
[  255.606705][ T7030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.614922][ T7030] R13: 00007f950f7e6218 R14: 00007f950f7e6180 R15: 00007fffb25750d8
[  255.615398][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  255.623352][ T7030]  </TASK>
[  255.623384][ T7030] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  255.623401][ T7030] CPU: 0 UID: 0 PID: 7030 Comm: syz.1.243 Not tainted syzkaller #0 PREEMPT(full) 
[  255.623424][ T7030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  255.623435][ T7030] Call Trace:
[  255.623444][ T7030]  <TASK>
[  255.623452][ T7030]  dump_stack_lvl+0x99/0x250
[  255.623485][ T7030]  ? __asan_memcpy+0x40/0x70
[  255.623515][ T7030]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.623544][ T7030]  ? __pfx__printk+0x10/0x10
[  255.623579][ T7030]  vpanic+0x237/0x6d0
[  255.623597][ T7030]  ? __pfx_vpanic+0x10/0x10
[  255.623612][ T7030]  ? is_bpf_text_address+0x292/0x2b0
[  255.623633][ T7030]  ? is_bpf_text_address+0x26/0x2b0
[  255.623661][ T7030]  panic+0xb9/0xc0
[  255.623677][ T7030]  ? __pfx_panic+0x10/0x10
[  255.623709][ T7030]  __warn+0x318/0x4d0
[  255.623726][ T7030]  ? put_mnt_ns+0x152/0x190
[  255.623755][ T7030]  ? put_mnt_ns+0x152/0x190
[  255.623780][ T7030]  report_bug+0x2be/0x4f0
[  255.623807][ T7030]  ? put_mnt_ns+0x152/0x190
[  255.623833][ T7030]  ? put_mnt_ns+0x152/0x190
[  255.623859][ T7030]  ? put_mnt_ns+0x154/0x190
[  255.623885][ T7030]  handle_bug+0x84/0x160
[  255.623907][ T7030]  exc_invalid_op+0x1a/0x50
[  255.623927][ T7030]  asm_exc_invalid_op+0x1a/0x20
[  255.623944][ T7030] RIP: 0010:put_mnt_ns+0x152/0x190
[  255.623969][ T7030] Code: 79 00 00 bf 01 00 00 00 89 ee e8 c9 c0 7d ff 85 ed 7e 1f e8 80 bc 7d ff 5b 41 5e 41 5f 5d e9 55 ab 18 09 cc e8 6f bc 7d ff 90 <0f> 0b 90 e9 33 ff ff ff e8 61 bc 7d ff 4c 89 f7 be 03 00 00 00 5b
[  255.623985][ T7030] RSP: 0018:ffffc9001c07fa68 EFLAGS: 00010293
[  255.624004][ T7030] RAX: ffffffff82436311 RBX: ffff88805c206400 RCX: ffff88801cbabd00
[  255.624019][ T7030] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  255.624032][ T7030] RBP: 00000000ffffffff R08: ffff88805c2064bb R09: 1ffff1100b840c97
[  255.624047][ T7030] R10: dffffc0000000000 R11: ffffed100b840c98 R12: dffffc0000000000
[  255.624060][ T7030] R13: 0000000000000000 R14: ffff88805c2064b8 R15: dffffc0000000000
[  255.624081][ T7030]  ? put_mnt_ns+0x151/0x190
[  255.624113][ T7030]  ? put_mnt_ns+0x151/0x190
[  255.624140][ T7030]  free_nsproxy+0x46/0x560
[  255.624166][ T7030]  do_exit+0x6b8/0x2300
[  255.624200][ T7030]  ? irqentry_exit+0x5ba/0x640
[  255.624219][ T7030]  ? __pfx_do_exit+0x10/0x10
[  255.624236][ T7030]  ? preempt_schedule_common+0x83/0xd0
[  255.624263][ T7030]  ? preempt_schedule+0xae/0xc0
[  255.624289][ T7030]  ? __pfx_preempt_schedule+0x10/0x10
[  255.624326][ T7030]  do_group_exit+0x21c/0x2d0
[  255.624351][ T7030]  get_signal+0x1285/0x1340
[  255.624393][ T7030]  arch_do_signal_or_restart+0x9a/0x7a0
[  255.624417][ T7030]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  255.624456][ T7030]  ? schedule+0x16f/0x360
[  255.624483][ T7030]  exit_to_user_mode_loop+0x87/0x4f0
[  255.624507][ T7030]  ? rcu_is_watching+0x15/0xb0
[  255.624539][ T7030]  do_syscall_64+0x2e9/0xfa0
[  255.624557][ T7030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.624576][ T7030]  ? clear_bhb_loop+0x60/0xb0
[  255.624599][ T7030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.624618][ T7030] RIP: 0033:0x7f950f58f6c9
[  255.624634][ T7030] Code: Unable to access opcode bytes at 0x7f950f58f69f.
[  255.624644][ T7030] RSP: 002b:00007f95104ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  255.624663][ T7030] RAX: fffffffffffffffc RBX: 00007f950f7e6180 RCX: 00007f950f58f6c9
[  255.624678][ T7030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  255.624690][ T7030] RBP: 00007f950f611f91 R08: 0000000000000000 R09: 0000000000000000
[  255.624702][ T7030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.624713][ T7030] R13: 00007f950f7e6218 R14: 00007f950f7e6180 R15: 00007fffb25750d8
[  255.624744][ T7030]  </TASK>
[  255.632511][ T7030] Kernel Offset: disabled